As Facebook was still reeling from a massive global outage on October 4, reports emerged that the personal information belonging to more than 1.5 billion users was being sold on the dark web.
Facebook has since not given a clear picture concerning the origin of the outage that started at around 11:45 ET. While it may be normal for websites and apps to suffer outages from time to time, a global event like this is considered to be rare.
Point to note, Facebook is currently undergoing a major PR crisis involving a whistleblower who provided content to The Wall Street Journal’s series of stories about the social media company’s awareness of internal research into the negative effects of its products and decisions.
In the same breath, a popular post on social media showed that the Facebook domain is apparently put up for sale. A “whois” check on domaintools.com indeed confirms that facebook.com was being advertised (See Below).
Figure 2: Twitter user sharing a screenshot of the "facebook domain for sale" advert online.
On the dark web’s Dread forum, users on the sub dread “OpSec” were quick to comment on the Facebook outage in an attempt to get a sense of what may have happened to the social media app.
One user /u/mrmelkis believed that Facebook had suffered a DDoS attack. He said, “Somebody did it pretty good – all three down! Unofficial source informed – DDoS”. However, another user opined that the social media giant had experienced a Domain Name System (DNS) issue that resulted in the global outage (See screenshot).
Figure 3: This Dread user is certain that the Facebook outage was caused by a DNS issue.
How Did This Happen?
According to media reports, the dark web traders have claimed that they managed to harvest the user data by scrapping rather than hacking the world’s biggest social platform. What’s even more interesting to their claim is that they may have pulled this off without the need to compromise individual user accounts.
Typically, most of the user data from Facebook is simply scrapped from profiles that have been set to “Public” by their owners. The unfortunate reality, however, is that most of the personal information belonging to users is normally shared by the specific users themselves – mostly unknowingly.
The illicit aspect of data scrapping that targets Facebook users is presented in the form of fake Facebook surveys or quizzes. At some point in their online lives, the majority of Facebook users must have come across quizzes with titles such as “Answer these questions to find out where the love of your life is located”.
Most of these quizzes turn out to be traps that are laid by threat actors with the aim of harvesting the personal data of unsuspecting victims. Truth is, every time a user participates in any of the fake surveys, they give express permission to quiz creators to view their sensitive Facebook information such as full name, email address, cellphone number, physical address and gender.
Indeed, these circumstances, and the claims made by the dark web cybercriminals that have advertised the Facebook data for sale, may open a Pandora’s Box once investigations into the latest cyber events are opened up.
What’s at Stake?
While no accounts have been compromised, this is very little consolation for users whose data will be used by internet marketers and cybercriminals.
Unscrupulous marketers may leverage the data to push their agenda by bombarding specific users or groups of people with annoying adverts.
Additionally, SMS and Push notification spam may arise owing to their increase in popularity among unethical actors across the world – take note that most countries have ratified law that ban these practices.
Otherwise, the affected Facebook users may be exposed to phishing and social engineering attacks. The fact that Facebook accounts and online banking logins fetch as little as $10 on the dark web makes the situation very worrying – this cheap price means that the majority of hackers will not mind the cost of pulling off a cyberattack on victims.